Tools to improve consistency between privacy policies and current practices (RSLingo4Privacy)

Type: National Project

Duration: from 2014 Nov 01 to 2015 Nov 30

Financed by: FCT Carnegie Mellon

Prime Contractor: INESC-ID (Other)

The main goal of this project is to improve privacy by providing companies a set of languages and tools to align their policies with their practices, namely by introducing a privacy requirements specification into the regular software development process that allow to align multi-party expectations across multi-tier applications. To that end, and in the context of recent results from the RSLingo approach and our privacy policy analysis, we intend to research techniques that allow users to specify privacy-specific linguistics patterns (in RSL-PL) to allow automatic extraction of the relevant information from privacy policies into an equivalent intermediate (RSL-IL) format, and map or transform these specifications into equivalent Eddy specifications that, with proper tools allow checking conflicts between these privacy policies and user preferences and the developers’ privacy specifications. Moreover, the relevance of this research will be demonstrated through the analysis of real world privacy policies, namely those posted by the most popular web sites.

Partnerships

  • Carnegie Mellon University (University) - Pittsburgh, PA , USA
  • INESC-ID (Other)

Principal Investigators

Members